Unrated severityNVD Advisory· Published Feb 9, 2021· Updated Aug 3, 2024

CVE-2021-21444

Description

SAP Business Objects BI Platform, versions - 410, 420, 430, allows multiple X-Frame-Options headers entries in the response headers, which may not be predictably treated by all user agents. This could, as a result, nullify the added X-Frame-Options header leading to Clickjacking attack.

Affected products

SAP/BusinessObjects Platform (BI Launchpad)llm-fuzzy
Range: 410, 420, 430
SAP SE/SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad)v5
Range: < 410

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000